All articles tagged with #sim swapping
AT&T has introduced a new feature called Wireless Account Lock, allowing customers to prevent unauthorized changes to their accounts and protect against SIM swapping attacks by enabling a simple switch in the myAT&T app, with similar protections offered by other major US carriers like T-Mobile and Verizon.
AT&T has introduced a new Account Lock feature in its myAT&T app to protect users from SIM swapping attacks by preventing unauthorized account changes, including phone number transfers and SIM card updates, enhancing mobile security.
SIM-swapping is a rising form of identity theft where criminals take over your phone number to access personal and financial accounts. To protect yourself, use strong, unique passwords, enable multifactor authentication methods that don't rely on texts, set up a unique passcode with your carrier, and be vigilant against phishing schemes. If you fall victim, report the fraud to your carrier, the FTC, and credit agencies, and take steps to secure your financial accounts.
A journalist recounts their experience with port-out hijacking, a form of identity theft where criminals steal phone numbers to bypass security measures like two-factor authentication. Despite following best practices for online security, the journalist had $19,000 stolen from their credit card. The FCC has introduced new regulations to combat this crime, but their implementation has been delayed. Experts warn that SIM-swapping scams are on the rise and becoming more sophisticated, highlighting the need for stronger consumer protection protocols.
SIM swappers are now targeting phone numbers by porting them into new eSIM cards, taking advantage of the reprogrammable nature of eSIMs to bypass security measures and access bank accounts. This shift to eSIMs has allowed attackers to remotely hijack phone numbers, gaining access to two-factor authentication codes and online banking services. To defend against these eSIM-swapping attacks, users are advised to use complex and unique passwords for their cellular service provider accounts, enable two-factor authentication, and consider additional security measures for valuable accounts such as e-banking and cryptocurrency wallets.
The U.S. federal government has charged three individuals with a phone hacking conspiracy, alleging their involvement in the theft of $400 million from FTX during the crypto exchange's collapse. The trio is accused of operating a SIM swapping ring and targeting fifty victims between March 2021 and April 2023, with the most notable heist being the siphoning of funds from FTX in November 2022. This development sheds light on the mystery surrounding the disappearance of hundreds of millions of dollars in crypto from the exchange during its bankruptcy protection filing.
Three Americans have been charged with stealing over $400 million in a SIM-swapping attack, with indications pointing to the now-defunct cryptocurrency exchange FTX as the victim. The indictment alleges that the perpetrators, part of a group called the "Powell SIM Swapping Crew," stole the funds on November 11, 2022. While the SIM-swappers are U.S. residents, there are indications of help from organized cybercriminals in Russia. The stolen funds were reportedly laundered through exchanges with ties to criminal groups based in Russia. The FTX bankruptcy proceedings are being handled by Kroll, which recently suffered its own breach after an employee was SIM-swapped.
The U.S. Department of Justice is seeking to seize $5.2 million in Bitcoin from a teenage hacker who stole the cryptocurrency from crypto executives in 2016. The hacker, Ahmad Wagaafe Hared, was involved in a SIM-swapping scheme where he tricked cell phone carriers into handing over control of the victims' phones. Hared also purchased a sports car with the stolen Bitcoin. The scheme was uncovered in 2019, leading to the arrest of Hared and his co-conspirator.
Two U.K. teenagers, including Arion Kurtaj, have been convicted for their involvement in the LAPSUS$ hacking gang, responsible for high-profile hacks against major tech firms. The hackers conducted SIM swapping and prompt bombing attacks to gain unauthorized access to corporate networks, targeting companies like Uber, Revolut, and Rockstar Games. They demanded ransom in exchange for not leaking the stolen information and solicited rogue insiders for credentials. The group infiltrated organizations such as BT, EE, Microsoft, and Samsung. The teenagers are awaiting sentencing.
Joseph O'Connor, one of the hackers behind the 2020 Twitter hack, has been sentenced to five years in federal prison and ordered to pay back over $790,000 in illicitly obtained funds. O'Connor, a British citizen, pleaded guilty to seven charges associated with the digital attack, which affected 130 accounts and sowed chaos across the platform. Along with his fellow hackers, O'Connor used his sophisticated technological abilities for malicious purposes, including conducting a complex SIM swap attack to steal large amounts of cryptocurrency, hacking Twitter, conducting computer intrusions to take over social media accounts, and even cyberstalking two victims, including a minor victim.
Joseph James O'Connor, one of the perpetrators of the 2020 Twitter hack, has been sentenced to five years in prison for his involvement in the cybercrime. O'Connor, who also carried out a SIM-swapping attack on a TikTok account, stole $794,000 worth of cryptocurrency during the Twitter hack. He and his co-conspirators laundered the stolen cryptocurrency through multiple transfers and exchanges. O'Connor must forfeit the stolen funds and faces three years of supervised release after his prison term.
A financially motivated cybergang known as UNC3944 is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines. They abuse the Azure Serial Console to install remote management software for persistence and use Azure Extensions for stealthy surveillance. UNC3944 aims to steal data from victim organizations using Microsoft's cloud computing service. The attack demonstrates the group's deep understanding of the Azure environment and how they can leverage built-in tools to evade detection.
UK man Joseph O'Connor, also known as "PlugwalkJoe," pleaded guilty to charges related to a high-profile hack on Twitter accounts of celebrities and politicians, including Joe Biden and Elon Musk, in 2020. O'Connor was extradited from Spain and charged with conspiracy to commit computer intrusion, cyberstalking, and conspiracy to commit wire fraud and money laundering. The charges carry a maximum sentence of 77 years. O'Connor was also charged and pled guilty for his role in a SIM-swapping attack that targeted high-profile companies and executives in the cryptocurrency industry, resulting in the theft of $794,000 in digital assets.